NetSec_1_SecurityThreats

Question 1

Three Classifications of Network Attacks

Answer 1

1. Recon
2. Access
3. Denial of Service (DoS)

Question 2

Vulnerability

Answer 2

Weakness or flaw in the network.

Question 3

Risk

Answer 3

Potential of a threat to exploit the vulnerabilities of an asset.

Question 4

Mitigation

Answer 4

Action of reducting the severity of a vulnerability.

Question 5

Threat

Answer 5

Potential for a vulnerability to turn into a network attack.

Question 6

Attack Vector

Answer 6

Path or other means by which an attacker can gain access to a server, host, or network.

Question 7

Vectors of Data Loss (6)

Answer 7

1. Email/ Social Networking
2. Unencrypted Devices
3. Cloud Storage Devices
4. Removable Media
5. Hard Copy
6. Improper Access Controls (Passwords, RFIDs, etc)

Question 8

AAA Server Defined

Answer 8

Authentication, authorization, and accounting server.

Question 9

VPN Defined

Answer 9

Virtual Private Network - Allows remote access, using a secured connection, to a system as if you were at the system.

Question 10

ASA Defined

Answer 10

Adaptive Security Appliance - Firewall that performs stateful packet filtering into the network.

Question 11

IPS Defined

Answer 11

Intrusion Protection System - Monitors incoming / outgoing network traffic for malicious activity.

Question 12

ESA / WSA Defined

Answer 12

Email / Web Security Appliance

Question 13

ISR Defined

Answer 13

Integrated Service Router - Router which can provide additional services aside from just routing.

Question 14

CAN Defined

Answer 14

Campus Area Network - Network made up of an interconnection of LANs within a limited geographical area. ( Business site, college campus, factory location, etc)

Question 15

Virtual Machine Specific Threats

Answer 15

1. Hyperjacking
2. Instant-On Activation
3. Anti-Virus Storms